Abstract
We introduce the use, monitoring, and enforcement of integrity constraints in trust management-style authorization systems. We consider what portions of the policy state must be monitored to detect violations of integrity constraints. Then, we address the fact that not all participants in a trust-management system can be trusted to assist in such monitoring, and show how many integrity constraints can be monitored in a conservative manner so that trusted participants detect and report if the system enters a policy state from which evolution in unmonitored portions of the policy could lead to a constraint violation.
Original language | Undefined |
---|---|
Article number | 10.1145/1609956.1609961 |
Pages (from-to) | 5:1-5:27 |
Journal | ACM transactions on information and system security (TISSEC) |
Volume | 13 |
Issue number | 1 |
DOIs | |
Publication status | Published - 2009 |
Keywords
- EWI-17131
- SCS-Cybersecurity
- distributed system security
- IR-69534
- Integrity
- Trust Management
- METIS-264303
- Access Control